
Log analysis and evaluation: Windows 7 X64 automatically starts Firefox with strange links (I am following the guide), here are the logs

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
10.11.2011, 08:59   #1
Dj-Elroy
 



Hi @all,
so I probably caught something :-S while I was wandering around the net yesterday ^^
Since then Firefox (or now and then IE too) opens some strange links, e.g. -> hxxp://de.msn.com/?rd=1, all by itself :-( that's annoying.
So I searched the net a bit, found you, and promptly followed the guide -> http://www.trojaner-board.de/69886-a...-beachten.html
Thank you very much in advance :-) and I hope we can get this sorted out :-)
The logs are attached again.

I'll attach the OTL and Extras logs :-)
[QUOTE]And here again in text form, OTL:
Code:
OTL logfile created on: 10.11.2011 08:35:21 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Dj-Elroy\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 71,73% Memory free
8,00 Gb Paging File | 6,81 Gb Available in Paging File | 85,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 122,34 Gb Free Space | 41,05% Space Free | Partition Type: NTFS
Drive D: | 575,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 931,51 Gb Total Space | 10,71 Gb Free Space | 1,15% Space Free | Partition Type: NTFS
 
Computer Name: HAFXNVIDIA | User Name: Dj-Elroy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.11.10 08:34:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Dj-Elroy\Desktop\OTL.exe
PRC - [2011.10.20 00:44:42 | 000,132,608 | ---- | M] (Marx Softwareentwicklung - www.software4u.de) -- C:\Program Files (x86)\Software4u\iPhone Explorer\Software4u.IPELauncher.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.28 08:52:06 | 000,018,472 | ---- | M] (WeGame.com, Inc.) -- C:\Program Files (x86)\WeGame\WGClientService.exe
PRC - [2009.06.04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.10.20 00:44:40 | 000,211,968 | ---- | M] () -- C:\Program Files (x86)\Software4u\iPhone Explorer\Software4u.IPhoneLib.dll
MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009.07.14 18:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 05:55:32 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009.07.14 05:55:26 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009.07.14 05:55:09 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009.07.14 05:55:05 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009.07.14 05:55:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
MOD - [2009.07.14 02:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.28 08:52:06 | 000,018,472 | ---- | M] (WeGame.com, Inc.) [Auto | Running] -- C:\Program Files (x86)\WeGame\WGClientService.exe -- (WeGameClientService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.06.04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.10.26 15:40:43 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rt61.sys -- (RT61)
DRV:64bit: - [2011.10.07 18:28:47 | 000,440,064 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw88vid.sys -- (hcw88vid)
DRV:64bit: - [2011.10.07 18:28:47 | 000,339,968 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw88tse.sys -- (HCW88TSE)
DRV:64bit: - [2011.10.07 18:28:47 | 000,016,128 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\hcw88aud.sys -- (HCW88AUD)
DRV:64bit: - [2011.10.02 13:06:27 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011.09.28 18:49:28 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2011.09.28 18:46:30 | 001,196,032 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.08.02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.08.01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.04.17 09:47:42 | 000,062,576 | ---- | M] (Miray) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mvd.sys -- (MirayVirtualDisk)
DRV:64bit: - [2010.09.16 18:33:42 | 001,918,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009.08.23 12:08:08 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009.08.21 00:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011.03.18 17:08:56 | 000,029,592 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2010.01.29 11:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1C 48 E7 BB 02 7E CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=DE&install_date=20111007&user_guid=211C1A8E1E074875BAD7860FD439D8AE&machine_id=a2cc5ff76e858f8fc562255a851c9192&browser=FF&os=win&os_version=6.1-x64-SP0&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.09 07:38:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.09.28 18:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dj-Elroy\AppData\Roaming\mozilla\Extensions
[2011.10.31 10:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dj-Elroy\AppData\Roaming\mozilla\Firefox\Profiles\nun0vy36.default\extensions
[2011.10.07 19:18:26 | 000,001,390 | ---- | M] () -- C:\Users\Dj-Elroy\AppData\Roaming\Mozilla\Firefox\Profiles\nun0vy36.default\searchplugins\yahoo-zugo.xml
[2011.10.22 20:48:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.22 20:48:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DJ-ELROY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NUN0VY36.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.09 07:38:55 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.09.23 02:52:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.23 02:46:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.23 02:52:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.30 01:15:23 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.09.23 02:52:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.23 02:52:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.23 02:52:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [iPhone Explorer Launcher] C:\Program Files (x86)\Software4u\iPhone Explorer\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04F653DF-217B-47F7-B170-2791430A000B}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{372D927F-F5C7-4DF8-8B68-0F4254D6290C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.10 08:34:07 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Dj-Elroy\Desktop\OTL.exe
[2011.11.09 22:02:27 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Malwarebytes
[2011.11.09 22:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.09 22:02:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.09 22:02:08 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.09 22:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.11.09 21:55:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.11.09 21:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.11.09 20:05:11 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\xp-AntiSpy
[2011.11.09 20:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\xp-AntiSpy
[2011.11.09 18:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011.11.09 18:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2011.11.09 18:43:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2011.11.09 15:29:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.11.09 15:27:38 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011.11.09 15:23:24 | 000,000,000 | -HSD | C] -- C:\Users\Dj-Elroy\AppData\Local\088d9da8
[2011.11.09 12:32:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\WinRAR
[2011.11.08 18:33:19 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (18)
[2011.11.08 09:44:01 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\dos
[2011.11.08 09:27:08 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (17)
[2011.11.08 09:11:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Various Artists - GTA Vice City OST - Wildstyle Pirate Radio (2002)
[2011.11.08 08:44:53 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (16)
[2011.11.07 20:32:45 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Leopard hd install helper v0.3
[2011.11.07 17:18:18 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (15)
[2011.11.07 15:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miray Virtual Disk 1.0.1
[2011.11.07 15:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 4 Professional Edition
[2011.11.07 15:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HDClone 4 Professional Edition
[2011.11.07 15:29:10 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Miray.HDClone.v4.0.4.Pro
[2011.11.07 13:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2011.11.07 13:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UltraISO
[2011.11.07 13:48:40 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Documents\My ISO Files
[2011.11.07 13:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\EZB Systems
[2011.11.07 13:48:30 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\UltraISO Premium Edition v9.3.6.2766
[2011.11.07 12:03:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2011.11.07 00:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2011.11.06 13:58:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2011.11.06 13:40:06 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Software4u
[2011.11.06 13:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhone Explorer
[2011.11.06 13:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Software4u
[2011.11.03 16:03:56 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\20030411[1].sieoffadr.v.2.0.b
[2011.11.03 16:00:50 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Local\Gigaset_Communications_Gm
[2011.11.03 16:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
[2011.11.03 16:00:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigaset QuickSync
[2011.11.03 15:59:29 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Local\Downloaded Installations
[2011.11.03 15:45:21 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Local\Shaw Computer
[2011.11.03 15:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\s25atonce
[2011.11.03 15:45:14 | 000,313,856 | ---- | C] (ELTIMA Software) -- C:\Windows\SysWow64\SPort.dll
[2011.11.03 15:45:14 | 000,094,208 | ---- | C] (DGPDev) -- C:\Windows\SysWow64\CAudioEdit.ocx
[2011.11.03 15:45:14 | 000,065,536 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalProgBar6.ocx
[2011.11.03 15:45:14 | 000,061,440 | ---- | C] (Software-Entwicklung & Vertrieb) -- C:\Windows\SysWow64\sevSplitterBar.ocx
[2011.11.03 15:45:13 | 000,151,552 | ---- | C] (Domenico Statuto - CCRP) -- C:\Windows\SysWow64\ccrpFD6.ocx
[2011.11.03 15:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\s25atonce
[2011.11.03 15:34:40 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Address book
[2011.10.31 12:42:07 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (14)
[2011.10.30 01:14:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.10.30 01:01:12 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\MOS Electro House Sessions 2
[2011.10.29 21:07:18 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Alapalooza
[2011.10.29 20:28:52 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.10.29 20:28:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ControlMK
[2011.10.29 20:28:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlMK
[2011.10.28 21:46:41 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.10.28 21:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
[2011.10.28 21:44:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.10.28 21:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.10.28 21:35:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2011.10.28 18:12:23 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Documents\ICQ
[2011.10.28 07:10:09 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\viewtopic.un-Dateien
[2011.10.27 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Download Manager
[2011.10.27 21:00:30 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (13)
[2011.10.27 20:27:49 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (12)
[2011.10.27 18:55:43 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2011.10.27 18:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LinuxLive USB Creator
[2011.10.27 18:55:34 | 004,691,318 | ---- | C] (LinuxLive USB Creator) -- C:\Users\Dj-Elroy\Desktop\LinuxLive USB Creator 2.8.6.exe
[2011.10.26 15:40:43 | 000,000,000 | ---D | C] -- C:\Win7x64
[2011.10.25 23:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.10.25 23:13:07 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.10.25 23:13:07 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.10.23 22:28:42 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.10.23 22:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.10.23 22:28:40 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Documents\VirtualDJ
[2011.10.23 22:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2011.10.23 21:45:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (11)
[2011.10.22 21:59:12 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (10)
[2011.10.22 20:52:54 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.10.22 20:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.10.22 20:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.10.22 20:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.10.22 20:17:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\IOAHCIFamily.kext
[2011.10.22 20:16:34 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\AppleACPIPlatform.kext
[2011.10.22 20:16:28 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\AppleAPIC.kext
[2011.10.22 18:29:49 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac
[2011.10.22 18:29:49 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Local\TransMac
[2011.10.22 18:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TransMac
[2011.10.15 21:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011.10.15 21:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.10.15 21:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.10.15 21:46:05 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.10.15 21:46:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2011.10.14 19:26:41 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Windows 7 64bit
[2011.10.14 19:26:40 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (9)
[2011.10.14 18:34:51 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Foxit Software
[2011.10.12 22:52:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPhone Folders
[2011.10.12 22:41:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (7)
[2011.10.12 22:27:29 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Local\Apple Computer
[2011.10.12 22:27:28 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Roaming\Apple Computer
[2011.10.12 22:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.10.12 22:27:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.10.12 22:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.10.12 22:26:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.10.12 22:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.10.12 22:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.10.12 22:26:33 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.10.12 22:26:03 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\AppData\Local\Apple
[2011.10.12 22:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.10.12 22:25:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.10.12 22:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.10.12 22:25:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.10.12 22:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.10.12 22:25:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.10.12 15:24:14 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Orange octane
[2011.10.12 15:23:56 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Rover theme
[2011.10.12 14:13:28 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Radio 2.08.50.05 + task29
[2011.10.12 14:05:29 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Pic´s
[2011.10.12 14:05:08 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Fallout New Vegas - Music By Inon Zur & Mark Morgan
[2011.10.12 14:05:02 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\The Best Of The Worst
[2011.10.12 14:04:34 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Mr Oizo
[2011.10.12 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Moonbootica
[2011.10.12 14:04:21 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\2Pac - 2004 - Loyal To The Game
[2011.10.12 13:32:47 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\android
[2011.10.12 13:14:14 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (6)
[2011.10.12 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\Dj-Elroy\Desktop\ReactOS-0.3.13-QEMU
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.10 08:36:37 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.10 08:36:37 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.10 08:36:37 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.10 08:36:37 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.10 08:36:37 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.10 08:34:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Dj-Elroy\Desktop\OTL.exe
[2011.11.10 08:31:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.10 08:31:16 | 000,271,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.10 08:31:01 | 3220,475,904 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.10 08:29:42 | 000,000,020 | ---- | M] () -- C:\Users\Dj-Elroy\defogger_reenable
[2011.11.09 23:07:10 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.09 23:07:10 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.09 22:02:11 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.09 21:55:42 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.09 20:05:11 | 000,001,917 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\xp-AntiSpy.lnk
[2011.11.09 06:51:43 | 000,564,312 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\kaffeekaanne.png
[2011.11.08 18:31:28 | 585,492,760 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\GTA3_audio.nrg
[2011.11.08 17:52:00 | 239,917,336 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\GTAIII.iso.nrg
[2011.11.08 17:47:03 | 000,000,241 | ---- | M] () -- C:\Users\Dj-Elroy\Documents\ax_files.xml
[2011.11.08 08:52:47 | 1395,191,808 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\GTA_Vice_City.iso
[2011.11.07 19:44:02 | 000,001,007 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\TransMac.lnk
[2011.11.07 18:19:55 | 1105,461,242 | ---- | M] () -- C:\windows.img.ima
[2011.11.07 16:32:32 | 000,108,967 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\headphones3.jpg
[2011.11.07 16:31:59 | 000,074,049 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\headphone8.jpg
[2011.11.07 16:31:50 | 000,572,048 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\7139457953_p.jpg
[2011.11.07 16:28:31 | 001,987,174 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\girl.png
[2011.11.07 15:29:20 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\HDClone.lnk
[2011.11.07 13:48:41 | 000,001,007 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\UltraISO.lnk
[2011.11.07 00:46:39 | 211,483,434 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\backup.reg
[2011.11.07 00:37:54 | 000,173,300 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\unbenannt1.jpg
[2011.11.06 13:58:18 | 000,000,943 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Audacity.lnk
[2011.11.06 13:51:51 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.06 13:35:33 | 000,002,561 | ---- | M] () -- C:\Users\Public\Desktop\iPhone Folders.lnk
[2011.11.03 17:25:36 | 000,001,581 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Backup.Contacts.11.03.11.csv
[2011.11.03 16:10:02 | 000,001,834 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Adressen.csv
[2011.11.03 16:00:04 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk
[2011.11.03 15:45:15 | 000,001,019 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\s25atonce.lnk
[2011.11.01 08:17:34 | 729,067,520 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\ubuntu-11.10-desktop-i386.iso
[2011.10.31 11:32:37 | 000,047,947 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\usbstick.jpg
[2011.10.30 00:26:27 | 000,002,230 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (6) - Verknüpfung.lnk
[2011.10.29 20:29:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011.10.29 20:01:36 | 162,658,304 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Macpup_525.iso
[2011.10.29 14:11:21 | 000,037,923 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\3885913_W700.jpg
[2011.10.29 01:22:20 | 000,200,827 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\IMG_29102011_022146.png
[2011.10.29 00:51:56 | 000,524,288 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\900HD-ASUS-0122.ROM
[2011.10.28 23:48:44 | 074,461,184 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\android-x86-2.2-r2-eeepc.iso
[2011.10.28 07:10:12 | 000,040,196 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\viewtopic.un.htm
[2011.10.27 21:19:48 | 000,524,288 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\900HD-ASUS-0401.ROM
[2011.10.27 18:55:35 | 004,691,318 | ---- | M] (LinuxLive USB Creator) -- C:\Users\Dj-Elroy\Desktop\LinuxLive USB Creator 2.8.6.exe
[2011.10.26 15:40:43 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\rt61.sys
[2011.10.26 15:40:43 | 000,303,616 | ---- | M] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2011.10.24 11:53:16 | 000,000,306 | RHS- | M] () -- C:\Users\Dj-Elroy\ntuser.pol
[2011.10.23 23:00:58 | 000,001,039 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Virtual DJ Pro.lnk
[2011.10.23 22:28:42 | 000,000,953 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Virtual DJ.lnk
[2011.10.22 21:13:28 | 052,068,352 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\pirate_efi_x_v0.3.iso
[2011.10.19 20:47:19 | 270,250,569 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\iPhone1,2_whited00r441U.ipsw
[2011.10.16 19:48:31 | 000,754,328 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\IMG_0007.JPG
[2011.10.16 19:48:24 | 000,913,756 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\IMG_0006.JPG
[2011.10.16 13:42:34 | 000,001,651 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\iPC_OSx86_10_5_6_Universal_PPF5_Final - Verknüpfung.lnk
[2011.10.15 21:48:42 | 000,001,757 | ---- | M] () -- C:\Users\Public\Desktop\DivX Movies.lnk
[2011.10.15 21:46:06 | 000,001,007 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\SpeedFan.lnk
[2011.10.15 21:46:05 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2011.10.15 09:53:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.10.15 09:53:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.10.15 09:53:00 | 000,007,384 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2011.10.14 23:54:52 | 000,321,856 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.10.13 22:21:19 | 000,768,124 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\Unbenannt.png
[2011.10.13 21:29:40 | 000,042,392 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.10.13 21:29:40 | 000,028,056 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2011.10.12 18:56:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.10.11 21:02:15 | 001,221,076 | ---- | M] () -- C:\Users\Dj-Elroy\Desktop\IMG_11102011_220137.png
 
========== Files Created - No Company Name ==========
 
[2011.11.10 08:31:06 | 000,271,120 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.11.10 08:29:42 | 000,000,020 | ---- | C] () -- C:\Users\Dj-Elroy\defogger_reenable
[2011.11.09 22:02:11 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.09 21:55:42 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.09 20:05:11 | 000,001,917 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\xp-AntiSpy.lnk
[2011.11.09 15:19:55 | 692,615,168 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Windows Fundamentals for Legacy PCs - MUI PACK CD2.iso
[2011.11.09 06:51:43 | 000,564,312 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\kaffeekaanne.png
[2011.11.08 18:28:55 | 585,492,760 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\GTA3_audio.nrg
[2011.11.08 17:47:16 | 239,917,336 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\GTAIII.iso.nrg
[2011.11.08 08:51:34 | 1395,191,808 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\GTA_Vice_City.iso
[2011.11.07 18:06:43 | 1105,461,242 | ---- | C] () -- C:\windows.img.ima
[2011.11.07 16:32:31 | 000,108,967 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\headphones3.jpg
[2011.11.07 16:31:59 | 000,074,049 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\headphone8.jpg
[2011.11.07 16:31:50 | 000,572,048 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\7139457953_p.jpg
[2011.11.07 16:28:30 | 001,987,174 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\girl.png
[2011.11.07 15:31:14 | 009,127,936 | ---- | C] () -- C:\hdclone.iso
[2011.11.07 15:29:20 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\HDClone.lnk
[2011.11.07 15:24:06 | 009,127,936 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\hdclone.iso
[2011.11.07 13:48:41 | 000,001,007 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\UltraISO.lnk
[2011.11.07 00:46:32 | 211,483,434 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\backup.reg
[2011.11.07 00:37:54 | 000,173,300 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\unbenannt1.jpg
[2011.11.06 13:58:18 | 000,000,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2011.11.06 13:58:18 | 000,000,943 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Audacity.lnk
[2011.11.03 16:28:34 | 000,001,581 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Backup.Contacts.11.03.11.csv
[2011.11.03 16:08:24 | 000,001,834 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Adressen.csv
[2011.11.03 16:00:04 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk
[2011.11.03 15:45:15 | 000,001,019 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\s25atonce.lnk
[2011.11.03 15:45:14 | 001,060,864 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2011.11.03 15:45:14 | 000,909,312 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2011.11.03 15:45:14 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll
[2011.11.03 15:45:14 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2011.11.03 15:45:14 | 000,182,784 | ---- | C] () -- C:\Windows\SysWow64\DGVorbis.dll
[2011.11.03 15:45:14 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011.11.03 15:45:14 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\MP3DEE.DLL
[2011.11.03 15:45:14 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2011.11.03 15:45:14 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kwab.dll
[2011.11.03 15:45:13 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\MSOUTL9.OLB
[2011.11.01 08:09:33 | 729,067,520 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\ubuntu-11.10-desktop-i386.iso
[2011.10.31 11:32:36 | 000,047,947 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\usbstick.jpg
[2011.10.30 01:22:05 | 584,806,400 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Windows XP Home SP2 [OEM Edition].ISO
[2011.10.30 01:14:42 | 000,001,966 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.10.30 01:14:42 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.10.30 01:14:42 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.10.30 00:26:27 | 000,002,230 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Neuer Ordner (6) - Verknüpfung.lnk
[2011.10.30 00:21:32 | 000,066,104 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Mac Startup Sound.mp3
[2011.10.30 00:17:28 | 662,700,032 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Windows XP Professional SP3 Integrated September 2009 Corporate.iso
[2011.10.29 21:10:50 | 205,717,504 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\WinLite.iso
[2011.10.29 20:29:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011.10.29 19:59:03 | 162,658,304 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Macpup_525.iso
[2011.10.29 14:11:20 | 000,037,923 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\3885913_W700.jpg
[2011.10.29 01:22:15 | 000,200,827 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\IMG_29102011_022146.png
[2011.10.28 23:47:51 | 074,461,184 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\android-x86-2.2-r2-eeepc.iso
[2011.10.28 07:10:08 | 000,040,196 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\viewtopic.un.htm
[2011.10.23 23:00:58 | 000,001,039 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Virtual DJ Pro.lnk
[2011.10.23 22:28:42 | 000,000,953 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Virtual DJ.lnk
[2011.10.22 18:29:50 | 000,001,007 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\TransMac.lnk
[2011.10.22 17:32:21 | 000,046,516 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\MacOSX_Media_Background.png
[2011.10.16 19:43:41 | 000,913,756 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\IMG_0006.JPG
[2011.10.16 19:43:39 | 000,754,328 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\IMG_0007.JPG
[2011.10.16 13:42:34 | 000,001,651 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\iPC_OSx86_10_5_6_Universal_PPF5_Final - Verknüpfung.lnk
[2011.10.16 01:12:59 | 000,002,048 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Bootable_NoEmulation.img
[2011.10.15 21:48:42 | 000,001,757 | ---- | C] () -- C:\Users\Public\Desktop\DivX Movies.lnk
[2011.10.15 21:46:06 | 000,001,007 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\SpeedFan.lnk
[2011.10.15 21:46:05 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2011.10.14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.10.13 21:29:40 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.10.13 21:29:40 | 000,028,056 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2011.10.12 22:52:41 | 000,002,561 | ---- | C] () -- C:\Users\Public\Desktop\iPhone Folders.lnk
[2011.10.12 22:27:22 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.10.12 22:26:01 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.10.12 18:56:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.10.12 14:05:29 | 000,678,158 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\Klassisches Bubble Breaker.apk
[2011.10.11 21:01:53 | 001,221,076 | ---- | C] () -- C:\Users\Dj-Elroy\Desktop\IMG_11102011_220137.png
[2011.10.07 19:18:19 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.10.07 19:18:19 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.10.07 19:18:18 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.10.07 19:18:18 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.10.07 19:18:18 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.09.28 18:52:16 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.09.28 18:52:16 | 000,014,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.09.28 18:52:07 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.09.28 18:52:07 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011.09.28 18:45:00 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.11.06 09:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.10.14 18:34:51 | 000,000,000 | ---D | M] -- C:\Users\Dj-Elroy\AppData\Roaming\Foxit Software
[2011.11.09 21:55:28 | 000,000,000 | ---D | M] -- C:\Users\Dj-Elroy\AppData\Roaming\ICQ
[2011.11.06 13:40:06 | 000,000,000 | ---D | M] -- C:\Users\Dj-Elroy\AppData\Roaming\Software4u
[2011.09.30 07:33:52 | 000,000,000 | ---D | M] -- C:\Users\Dj-Elroy\AppData\Roaming\TeamViewer
[2011.11.09 21:59:11 | 000,000,000 | ---D | M] -- C:\Users\Dj-Elroy\AppData\Roaming\uTorrent
[2009.07.14 06:08:49 | 000,027,846 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.09.28 18:17:45 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.09.28 18:17:23 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.07 19:38:17 | 000,000,000 | ---D | M] -- C:\Hauppauge
[2011.09.28 18:46:01 | 000,000,000 | ---D | M] -- C:\Intel
[2011.10.07 19:05:44 | 000,000,000 | ---D | M] -- C:\MyVideos
[2011.09.28 18:29:30 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.09 21:55:41 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.11.09 23:02:01 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.11.09 22:02:10 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.09.28 18:17:23 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.28 18:17:24 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.11.10 08:36:24 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.09.28 18:34:53 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.26 15:40:43 | 000,000,000 | ---D | M] -- C:\Win7x64
[2011.11.10 08:31:25 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: EXPLORER.EXE  >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
<           >

< End of report >
         
--- --- ---

Here is the Extras log

OTL Logfile:
Code:
OTL Extras logfile created on: 10.11.2011 08:35:21 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Dj-Elroy\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 71,73% Memory free
8,00 Gb Paging File | 6,81 Gb Available in Paging File | 85,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 122,34 Gb Free Space | 41,05% Space Free | Partition Type: NTFS
Drive D: | 575,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 931,51 Gb Total Space | 10,71 Gb Free Space | 1,15% Space Free | Partition Type: NTFS
 
Computer Name: HAFXNVIDIA | User Name: Dj-Elroy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{3e116348-5bec-4119-b3a0-30f2e0614eb3}" = Gigaset QuickSync
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A8B461A-9336-4CF9-98F4-14DD38E673F0}" = BioShock 2
"{53DA6CFE-7CDE-4F72-9E23-39AAC686DE17}" = iPhone Folders
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A2A107B-9695-423F-9462-8F17C178BD35}" = TP-LINK-Clientinstallationsprogramm
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9A431FF-FDB1-40E5-B5F3-215290FD62DE}" = TP-LINK Drahtlos Tool
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12345_is1" = WeGame Client 2.4.3.0
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 1.2.6
"ControlMK" = ControlMK 0.232
"FE5AE7DC-7B01-4263-A94C-B4526C276549_is1" = iPhone Explorer
"Foxit Reader_is1" = Foxit Reader 5.0
"Game Cam XPress" = Game Cam XPress 2.6.0
"HDClone.Professional.4.0.4.1033-{A524A8B6-92C0-4F1E-9DB9-F138A22D6911}" = HDClone 4 Professional Edition
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.8.0 (Full)
"LinuxLive USB Creator" = LinuxLive USB Creator
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"s25atonce_is1" = s25atonce 3.8.1
"Security Task Manager" = Security Task Manager 1.8d
"SpeedFan" = SpeedFan (remove only)
"TransMac_is1" = TransMac version 10.1
"UltraISO_is1" = UltraISO Premium V9.36
"uTorrent" = µTorrent
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"WinLiveSuite" = Windows Live Essentials
"Xfire" = Xfire (remove only)
"xp-AntiSpy" = xp-AntiSpy 3.97-11
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         

Edited by Dj-Elroy (10.11.2011 at 09:25)

 
